Guys need a big suggestion for login permission for different users laravel

I can suggest a solution for you is you can use multiple if condition and limited the permissions.refer below one.

https://laracasts.com/discuss/channels/laravel/display-data-based-on-user-role

@munazzil thank you for your response.

actually my first doubt is how can i differentiate the data of different hotels

how can i store it in db with specific hotel.

first what i did is i used the login id to seperate the hotel information.

but in this way only one user can enter the data. but in my case i need multi user??

User authentication should not be linked to specific hotels directly

Users should be authenticated only. Then you know who you are dealing with.

Then Authorization deals with who can do what.

Permissions deal with what you are allowed to do, so a given user needs permissions table entries that says what they can do and with which resources

A flexible permissions solution would allow, for instance, someone to create orders at one hotel, but only view orders at another hotel.

This can be a complex requirement. There are packages that enhance Laravel Authorization features to makeit easier to manage.

@snapey thank you so much for you response.. expecting your response for 3 days.

ok i understood everything.

but my doubt is,

in db table how i can store the purchase order, or income, or expenses based on that specific hotel

that is theserecords belongs to hotel1,

these records belongs to hotel2

these records belongs to hotel3

how i can give that.

hotel1 employees can access only hotel1 data. but there are permissions that who could read, who could write

and hotel 2 employee can access only hotel2 data.

and overall these must be a super admin, he can view edit all the hotel data separately or jointly and can take reports.

the question is,

how i can store the data of each hotel in db with that specific hotel..

thats the doubt??

at present what i did is based on auth->id() i differentiated the records.

Kindly please suggest me idea please please

That first problem is easy. Each record belongsTo a hotel, not a user

Therefore the record should have a hotel_id column in which you always store the id of the hotel that the record (purchase order etc) belongs to

You might also want to store which user created (or was responsible for) the record

@snapey thank you thank you so much for you response.

yes yes you are exactly right. i did that big mistake, that i made it based on user. actually i need to make it as based on hotel.

i have to make a column hotel_id in all table.. ok

but how my registration form look??

do i need to have 2 registration form 1 for hotel and another for user??

why i am asking this because, first i need to register the hotel then only i can make a user to register with that specific hotel?? am i right???

else one form is enough??

You might also want to store which user created (or was responsible for) the record -->> may i know for why i need to store the user in all table??

please reply for this.

I can't architect the whole program because I don't know if this is for a single organisation or multiple.

Is it a multi-tenant system?

So, which comes first, chicken or egg?

User registers on your site. As they only just registered, are they to be associated with an existing hotel or create a new hotel. Likely they create a new hotel. Now the hotel has an 'owner'

The owner of the hotel might want to register other users for that hotel so there needs to be a table of hotel_users which tells you which users are associated with the hotel.

If a user can be associated with a second hotel then they can be added as an extra row in this table.

Now this user has two hotels to choose from. When they login they can see a page that asks which hotel they want to work with. They could have a navbar entry to switch hotels.

You store their current hotel choice in their session. For users that don't have multiple hotels, just put their one hotel in the session. Now all users have a hotel in session.

You can now create Global scopes that apply to all models and only show records that are for the hotel that the user is working with.

may i know for why i need to store the user in all table

If you have 2,3,4 users at one hotel, which user created the purchase order? Which user booked expenses or recorded income?

@snapey thank you.. i think i confused you with my terms.

i will clear it.

there are no outside users.

this application is an inventory control system for a hotel which has three branches ( not three different hotels). the three branches are H1, H2, H3.

in H1 branch there are three types of users, accountant, employee, manager.

three of them has different permissions in this application. i will take care of the permissions, based on the usertype of the registration. thats not problem for mee

like wise H2 also has three users same employee, accountant, manager.

H3 also same.

the owner of the hotel is super admin. he only creates the username and password for the users(employee, accountant, manager). they dont have any permission to create their account.

the registration process is done only by the super admin.

now what the super admin does. i wil say. u check whether it is right or not?

1) hotel registartion with columns (hotel_name, hotel_address, etc)

2)user registration with columns(user_name, user_type, hotel_id_belongs_to, ph_number,etc)

i think the above two steps are in correct flow.

so that registration is done by the super admin.

now say for example think that branch name is H1 and in that

a registered accountant. bazith, H1, bbaaa, accountant (name, hotel_id, password,user_type)

so when accountant bazith needs to login and enter the data means what he will do

the login form

hotel_name

user_name

password

the user chooses the hotel_name from drop down, and he will type his user name and password. and based on his user type i will limit his access. so he will be logged in with that limited access. everything fine

so he will be logged in. now my question is

i have a purchase_order table with columns hotel_id and user_id.

how these two rows will be inserted in the table.

that is for user i will give auth()->id() but for hotel_id what i will give

thats what i expected??

Kindly please dont hesitate and reply

you will give the hotel->id ?

@snapey thank you..

 $purchaseorders=new PurchaseOrder; 

 $purchaseorders->login_user_id =auth()->id();

$purchaseorders->hotel_id=hotel->id; // is this right??? should i give like this?? 

hotel->id (here what is hotel(is this tabe name??))

for each and every table the hotel id must be stored??

and after that how can i retrieve the record based on hotel??

till now what i did to retrieve is

  $pur_order_lists = PurchaseOrder::where ('login_user_id',auth()->id())->orderBy('created_at','asc')->where('order_date',Carbon::today())->get();

in all my index method i used this code only. just changed the model name. when the user login based in that u retrieved the data. but based on hotel how can i do that???

now how i need to retrieve it.

Kindly reply please..

you use relationships

PurchaseOrder belongsTo Hotel

Hotel hasMany PurchaseOrder

You need to know which hotel you are creating PurchaseOrder for and then you can do like

$hotel->purchaseOrder()->create([])

This is no different than the usual Post has many comments, comment is written by user

@snapey thank you... i will try it now itself and if any doubts i will ask..

thank youu. thank youuu....

@snapey

I have a doubt.

now i have created a hotel_registrations table with columns

id
hotel_name
hotel_location
phno
password
rememberToken
timestamps();

Everthing is fine

now i need to create user for each hotel. for that i can use users table?? or can i create a new table hotel_users??

why iam asking this because

if i create hotel_users table then can i use the below lines for login.

if (auth()->attempt(request(['hotel_name', 'password'])) == true && Auth::hotel_users()->type == "user")

will these lines allow me to login. or else it shows error.

my next doubt. if i created a user means

when a user put purchase order

will these lines work auth()->id(); to store the user id.

why iam asking this because all the auth() works for table users but will it work for hotel_users table??

why iam asking this because, last two project i didnt concentrate on authentication. but for this application i need to concentrate too much for authentication. tats why i am asking..

my project flow is

super admin(owner of the hotel) who creates hotel information like(name, location, phno)

then the same super admin will also creates users for the respective hotels (username, phno, hotelid,usertype)

only the super admin has the permission to create a hotel and user.

think that now super admin had created three users for hotel1 accountant and employee

accountant has the permission to add a purchase order and view it and can delete it, edit it.

employee has permission to enter only the purchase order, no edit and delete permission.

the super admin(owner) can view all the hotel information like purchase order everything hotel wise and totally also.

this makes me so confusing

u better answer first for the tables hotel_users.. next lets talk abt the permissions

Kindly reply for this please

See my earlier reply https://laracasts.com/discuss/channels/laravel/guys-need-a-big-suggestion-for-login-permission-for-different-users-laravel?page=1#reply=504468

@snapey thank you.

ss in your earlier reply u said we can create new table hotel_users

but will auth() works with that table?

can i use login procedure with auth()??

thats the big doubt for mee..

because, when iam working with my job portal site i faced the same problem for authenticating user in another table.

even u have replied for that to use only users table please visit this

https://laracasts.com/discuss/channels/laravel/manual-authentication-process-with-user-defined-table-in-laravel

in this link u have said that better to use users table for all users.

so can i use users table for my users for hotel.

if i change the table what problem i will face. i think the auth will not work..

Kindly reply for this please

@snapey i think if i need to go with hotel_user table, then i need to move with multiple auth()

am i right??

but now i no need for multiple auth()

so i will better go with users table itself.

one doubt for idea, i think u understood who are my users. and what are my hotels.

for this is single auth() is enough??

no. This hotels_users table is a pivot associating users with hotels. You still authenticate User model as normal

@snapey thank you than youuu..

i understood clearly..

hotel is one table, users is another table. hotel_user is a pivot table to relate them

that is many to many relationship. am i right.

so the pivot table will have these columns am i right???

id
hotel_id
users_id

so one hotel can have multiple user, one user can have multiple hotel

ya i understood..

is this right??

am i understood correctly??

Yes. You don't need the id column on this table but it can be useful.

@snapey .. u thank you thank you snapey...

immediately i will try these and i will ask if any doubts

@snapey i tried these but there is problem in login

i have three tables

table: users with columns

id
user_name,
user_type
user_phno,
password

this is my hotel_registrations table with columns

id
hotel_name,
hotel_location,
phno

this is my hotel_users table with columns

id
hotel_reg_id,
users_id

and this is my User Model

 public function hotels()
    {
        return $this->belongsToMany('App\HotelRegistration', 'hotel_users','users_id','hotel_reg_id');
    }

and this is my HotelRegistrationmodel

 public function users()
    {
        return $this->belongsToMany('App\User', 'hotel_users','hotel_reg_id','users_id');
    }

and i have a login form with a select box to choose hotel name, and username, and password

<select id="hotel_id" name="hotel_id" class="form-control" style="display: block;">
                            <option value="">Choose Hotel Name</option>
                            @foreach($hotels as $hotels)
                            <option value='{{ $hotels->id }}'>{{$hotels->hotel_name
                                                }}</option>

                            @endforeach

                        </select>


 <input type="text" class="form-control" placeholder="Username" id="user_name" name="user_name">



 <input type="password" class="form-control" placeholder="Password" id="password"
                            name="password">

now how i can login with a check

i tried this but it not works

public function login(Request $request)
 {

  if (auth()->attempt(request(['user_name', 'password'])) == true && Auth::user()->user_type == "accountant" && Auth::user()->hotels() == $request->hotel_id)

 {

    dd("Login");
}

else
{
dd("error in login);
}

}

please suggest me a idea to login please...

how iam trying to login is, the user name and password should match and also the respective registered hotel for that user should also match the it should login

Kindly please reply for this

Why mess around with login? why dont you use the standard auth functionality?

@snapey

i need to do the login process manually so only i used this.

kindly suggest a solution for the coding, i was not familiar with auth functionality so only i am trying manually. for my last two projects i did like that only..

i was not familiar with auth functionality so only i am trying manually.

you probably need to take a couple of weeks take your time and learn some of that stuff.

Maybe you should not take a quick easy way.

See https://laracasts.com/discuss/channels/general-discussion/authorization-policies-and-reducing-the-repitition

Also instead of a maze and spider web of policies which would be a mess just have Separate Tables and controllers for various logins if needed like Enterprise do.

I mean there are easy ways to do what you need with a single table but somehow you are making it harder than it has to be.

You could probably add some extra roles to take care of if someone can view and another edit.

But in your case if you're having that much trouble, try to find a decent package to install to assist you.

And another thing you need to do is get away from the computer for a while get a regular number 2 pencil and some paper and draw all this stuff out with pencil and paper to make sense out of it.

But still the bottom line no matter what RBAC system you use, each method either a user can or cannot.

it can actually be that simple if you let it.

In other words if that users role does not match the required role then that user cannot enter.

But in your case and if you are really having this much trouble I would go with Separate Tables models controllers, etc.

A little more coding but it takes the mess out of roles and permissions.

And really no answer needed just giving my opinion.

ok, so suppose your login works, then your issue is here

&& Auth::user()->user_type == "accountant" && Auth::user()->hotels() == $request->hotel_id)

Assuming user_type is correct

this Auth::user()->hotels()

only gets the query builder, not any data, and then you are trying to see if it is equal to a specific hotel_id

You needto think about this....

@snapey

i changed the code to

&& Auth::user()->user_type == "accountant" && Auth::user()->hotels()->hotel_reg_id == $request->hotel_id)

it didnt help.

now what i did is

just changed the user table with columns

id
user_name
hotel_id (fk->hotel_registration table)
user_type
user_phno
password

and this is my hotel_registration table

id
hotel_name
hotel_location
phno

because using pivot table confusing me lot thats why. sorry for not following ur idea because u gave that must explanation, but i only didnt follow that. so sorry.

so in login form i have a selectbox with hotel choosing, username, password. if these three are correct the it will allow to login.

and when storing data what i did is

 $purchase_order->hotel_id =Auth::user()->hotel_id;
 $purchase_order->login_user_id =auth()->id();

this stores the hotel id and user id in the purchase_order table.

so i followed the same procedure in all tables just added extra column hotel_id with foreign key and changed the controller.

to retrieve the data based on the hotel what is did is

  $suppliers = Supplier::where ('hotel_id',Auth::user()->hotel_id)->orderBy('created_at','asc')->paginate(10);

this worked for mee.

what i decided is the hotel is small concern, so if a hotel has multi user, then for each of them i will provide a username and password registered with respective hotel.

so here i just followed one to many relationship.

and for permission issues what i planned is in my blade file if needed

  @if( auth()->check() && Auth::user()->user_type == "employee")
{
show only few buttons // type of permissions
}

 @if( auth()->check() && Auth::user()->user_type == "accountant")
{
show all buttons // type of permissions
}

and in controller if needed

 if(Auth::user()->user_type == "employee")
        {
only few permission
}


 if(Auth::user()->user_type == "accountant")
        {
all permission with few restrcition
}

all worked fine

is my process right?? else i am collapsing somewhere else?? will i face any big problem in future?

once again the hotel is small concern only. the login details are maintained myself or my boss only..

if the client need a new user etc we will only do that for next 3 months. because its a hotel so the have less knowledge with application. after their familiar then we will give the new user registration, hotel registration etc to them

Thank you for your kind suggestion and help .

without any hesitation u guided me a lot

after processing if i have any doubt i will ask.

@jlrdw thank you soo much for you suggestion. thank you..

you are right, i made it harder by thinking and thinking overthinking.

any how as u said i need to first sketch it in pencil and then only i should plan.

this is so urge and i wasted few days . thats why in hurry bury, i did this.

but with @snapey suggestion i got the point and i done with few changes.

and u gave a good suggestion to follow.

what i did i mentioned in the above comment. plz u can check and u can suggest me your ideas

@Snapey: Can i use Laravel built in authentication and use the above condition to check for roles if can u please provide some link for that, i searched it but they are all manual.